Facebook Fan Page iFrames Fail in HTTPS
This is a follow-up to my earlier post, An Overview of Facebook Latest Updates. As mentioned in this article, Facebook rolled out a new iframe feature for Fan Pages that allowed developers to frame in unique content, greatly increasing the functionality of Fan Page tabs… or at least, that was what we’d hoped for.
Unfortunately, it appears as though this feature fails miserably when users switch their account security settings in order to browse Facebook on a secure connection (https) whenever possible (Facebook is set to browse using an unsecure connection (http) as default). With threats like Firesheep making the Internet rounds, it only makes logical sense for users to bolster their security settings, and it’s something we at CIK Marketing highly recommend (to change your Facebook security settings, log into your account, click the “Account” link in the top right hand corner, and select “Account Settings.” Click the “change” link beside “Account Security” and select the “Browse Facebook on a secure connection (https) whenever possible.”)
Blank Pages Instead of iframes
Once a user has updated to browse Facebook using https, fishy things start happening on Fan Pages. Instead of rendering the content of custom tabs that are using the new iframe feature, Facebook simply displays a blank page. Test it out – visit the non-secure custom tab for the Chatham-Kent Police Service – make sure the URL starts with http://). Now, visit the secure custom tab for the same company make sure the url starts with https:// – notice anything different?)
Is There a Fix in Sight?
Statement from Facebook on the Facebook Bug Tracker Forum
Obviously, I’m not the only person asking for answers from Facebook. A fix is in the works, and is expected to roll out to production on Tuesday (TUESDAY?!?!) next week. Developers can track the progress on the official Facebook Bug Tracker Forum.
Now if you’ll excuse me, I have a number of apologetic emails to write to angry clients explaining to them that their custom tabs are probably not showing to the vast majority of their Fans… Is it Saturday yet?
5 thoughts on “Facebook Fan Page iFrames Fail in HTTPS”
Leave a Reply
Hope the problem will be solved soon.
But in your example I can see only BLANK pages for both links ?
Another of Facebook’s new quirks – if you’re not logged into Facebook, you won’t see any iframe content. So try logging into your profile then clicking the links, that should work.
Do you have any news today? I try to build a Facebook application, and I encounter the same problem : visitors connected with https can’t see the content of my application. It seems that Facebook wants to keep the secure connexion iframe.
Facebook custom tabs have changed a lot since this post was published. Here is a good link with information on the new process: https://developers.facebook.com/docs/appsonfacebook/pagetabs/
Just figured this out… Users with their security settings set to “use secure browsing where possible” will not see any custom tab content unless your server has SSL encryption installed on it.
Hope that helps.